Opened 10 years ago

Closed 8 years ago

#177 closed design (fixed)

Realm required on challenges

Reported by: mnot@… Owned by: julian.reschke@…
Priority: normal Milestone: 16
Component: p7-auth Severity: Active WG Document
Keywords: Cc:

Description

p7 defers to RFC2617 for the definition of challenge.

RFC 2617, section 1.2 says:

challenge = auth-scheme 1*SP 1#auth-param ... The authentication parameter realm is defined for all authentication schemes:

realm = "realm" "=" realm-value realm-value = quoted-string

The realm directive (case-insensitive) is required for all authentication schemes that issue a challenge.

The interpretation being that challenges (which is what www- authenticate is defined as) MUST contain at least one parameter and that parameter MUST be a realm.

Is it truly necessary for all authentication schemes to include a 'realm' paramter? If so, it should be documented (e.g., in the section about extension authentication schemes).

Attachments (1)

177.diff (2.0 KB) - added by julian.reschke@… 8 years ago.
proposed change for p7

Download all attachments as: .zip

Change History (11)

comment:1 Changed 10 years ago by mnot@…

  • Priority set to blocked

Blocked until we actually take responsibility for this text in 2617...

comment:2 Changed 9 years ago by julian.reschke@…

  • Owner set to julian.reschke@…

comment:3 Changed 8 years ago by julian.reschke@…

  • Priority changed from blocked to normal

comment:4 Changed 8 years ago by julian.reschke@…

Proposal:

  • make realm optional for schemes

Q:

  • what about existing schemes? (for instance, Basic)?

comment:5 Changed 8 years ago by julian.reschke@…

  • Milestone changed from unassigned to 16

Changed 8 years ago by julian.reschke@…

proposed change for p7

comment:6 Changed 8 years ago by julian.reschke@…

From [1354]:

Realm is optional in new schemes (see #177)

comment:7 Changed 8 years ago by julian.reschke@…

  • Resolution set to incorporated
  • Status changed from new to closed

comment:8 Changed 8 years ago by julian.reschke@…

From [1385]:

note change on realm requirement in Changes section, fix ABNF for challenge not to insist on auth-params (see #177)

comment:9 Changed 8 years ago by mnot@…

  • Resolution incorporated deleted
  • Status changed from closed to reopened

comment:10 Changed 8 years ago by mnot@…

  • Resolution set to fixed
  • Status changed from reopened to closed
Note: See TracTickets for help on using tickets.